3-2-1 Backup

CISO-in-a-Box CISO-in-a-Box

Backup is the most basic information security measure.  Whatever else happens, your worst-case, baseline fall back is: restore from a backup and get back to work.  So you always want to make sure your backups are rock-solid.  A rule of thumb for how to ensure that is easily remembered as, 3-2-1. 3-2-1 backup means that you should:

    • Have 3 copies of your data (minimum)
    • Keep backups on at least 2 different media
    • Store at least 1 backup offsite

So you can see that this is not as hard or as involved as it might seem, I can give you an example from real life -- from my own desk, my own PC.  I had been using CrashPlan Home for all backups here, but they just announced that the entire Home edition of the product is shutting down over the next year.  The deadline they have given me to get off is mid-January of 2018. It's true, I have two things that some home users do not: a second hard disk in my PC and a file server.  But the same effect can be had for anyone with, say, a large USB drive and a network disk like a Seagate Central.  The other thing I need, and that you'll need, is a cloud storage service.

Backup #1: goes to my second hard disk.  There are many hazards backups protect against.  Probably the most commonly realized one is what we call PEBKAC.  That means, Problem Exists Between Keyboard And Chair.  In other words, this one is for when I am an idiot.  It will not protect me against hardware failure (unless that miraculously spares the one disk drive).  So, in that case, I move on to...

Backup #2: my file server.  This one will be OK even if my entire PC fails.  It's also the one that I encrypt, because it's also the source for a file-sync routine that goes to...

Backup #3: my cloud storage provider.  This is the one I will have to count on if the house burns down.  To do this, I chose a storage service that, like DropBox, does a continuous synchronization as its contents are updated.  Once primed, it will update every time the source backup updates.  I selected pCloud for this, because the yearly price for 2TB of storage was the most competitive, while still supporting the essential sync function. Because I don't trust the encryption at the file storage service alone, I am using a backup software that provides local encryption.  For the software, I chose Duplicati.  It's simple, it's free (but make a donation, if you can!) and it's open-source.  It also supports a vast array of cloud storage providers, so if I want to switch in the future, I will probably be covered. 3-2-1: make sure you can get a working copy of your data if you need to.  Somewhere!  

This article was updated on 2023-05-13 04:31:00

CISO-in-a-Box

Infosec geekosaurus.  All opinions my own.

Information security since 2005.  IT... well into my second millenium. 

You should also read: